Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
php7.16129
php-CVE-2016-7129.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2016-7129.patch of Package php7.16129
Current state of this case in wddx.c: http://git.php.net/?p=php-src.git;a=blob;f=ext/wddx/wddx.c;hb=a463da7204e1d740707cb0d21ba9475ea30cf7ee Index: php-7.0.7/ext/wddx/wddx.c =================================================================== --- php-7.0.7.orig/ext/wddx/wddx.c 2016-09-05 15:39:58.663896434 +0200 +++ php-7.0.7/ext/wddx/wddx.c 2016-09-05 16:02:01.202699273 +0200 @@ -1026,19 +1026,26 @@ static void php_wddx_process_data(void * break; case ST_DATETIME: { - char *tmp; + zend_string *str; - tmp = emalloc(len + 1); - memcpy(tmp, (char *)s, len); - tmp[len] = '\0'; + if (Z_TYPE(ent->data) == IS_STRING) { + str = zend_string_safe_alloc(Z_STRLEN(ent->data), 1, len, 0); + memcpy(ZSTR_VAL(str), Z_STRVAL(ent->data), Z_STRLEN(ent->data)); + memcpy(ZSTR_VAL(str) + Z_STRLEN(ent->data), s, len); + ZSTR_VAL(str)[ZSTR_LEN(str)] = '\0'; + zval_dtor(&ent->data); + } else { + str = zend_string_init((char *)s, len, 0); + } - Z_LVAL(ent->data) = php_parse_date(tmp, NULL); - /* date out of range < 1969 or > 2038 */ - if (Z_LVAL(ent->data) == -1) { - ZVAL_STRINGL(&ent->data, (char *)s, len); + ZVAL_LONG(&ent->data, php_parse_date(ZSTR_VAL(str), NULL)); + /* date out of range < 1969 or > 2038 */ + if (Z_LVAL(ent->data) == -1) { + ZVAL_STR_COPY(&ent->data, str); + } + + zend_string_release(str); } - efree(tmp); - } break; default:
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor